Certificates are not installed if they are placed inside %localappdata%

VERIFIED FIXED in Firefox -esr60

Status

()

defect
VERIFIED FIXED
7 months ago
6 months ago

People

(Reporter: emilghitta, Assigned: mkaply)

Tracking

Trunk
Firefox 65
All
Windows
Points:
---

Firefox Tracking Flags

(firefox-esr6064+ verified, firefox63 unaffected, firefox64 verified, firefox65 verified)

Details

Attachments

(2 attachments)

(Reporter)

Description

7 months ago
Posted file policies.json
[Affected versions]:
Firefox 65.0a1 
Firefox 64.0b6 

[Affected platforms]:
Windows 10 64bit.

[Preconditions]:
1. Download the root certificate from http://www.cacert.org/index.php?id=3 and place it inside %USERNAME\AppData\Local\Mozilla\Certificates 
2. Place the attached json file inside the distribution folder.

[Steps to reproduce]:
1. Launch Firefox.
2. Access the about:preferences page.
3. Search for Root CA inside the Certificate Manager.

[Expected result]:
The certificate is successfully installed.

[Actual result]:
The certificate is not installed.

[Note]:
It seems that the certificates are successfully installed via policies.json if they are placed inside %USERNAME\AppData\Roaming\Mozilla\Certificates

Comment 2

6 months ago
Pushed by mozilla@kaply.com:
https://hg.mozilla.org/integration/autoland/rev/30bc16db58ab
Read certs from local and roaming on Windows. r=Felipe

Comment 3

6 months ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/30bc16db58ab
Status: NEW → RESOLVED
Last Resolved: 6 months ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 65
Assignee: nobody → mozilla
(Reporter)

Comment 4

6 months ago
This issue is verified fixed using Firefox 65.0a1 (BuildId:20181111220121) on Windows 10 64bit.
Status: RESOLVED → VERIFIED
Does this need uplift to Beta?
Flags: needinfo?(mozilla)
(Assignee)

Comment 6

6 months ago
Comment on attachment 9023721 [details]
Bug 1504691 - Read certs from local and roaming on Windows.

[Beta/Release Uplift Approval Request]

Feature/Bug causing the regression: Bug 1474683

User impact if declined: Can't import from certain locations,

Is this code covered by automated tests?: No

Has the fix been verified in Nightly?: Yes

Needs manual test from QE?: No

If yes, steps to reproduce: 

List of other uplifts needed: None

Risk to taking this patch: Low

Why is the change risky/not risky? (and alternatives if risky): Adds another path to list, very low risk.

String changes made/needed:
Flags: needinfo?(mozilla)
Attachment #9023721 - Flags: approval-mozilla-beta?
Comment on attachment 9023721 [details]
Bug 1504691 - Read certs from local and roaming on Windows.

policy engine tweak, verified in nightly; approved for 64.0b10
Attachment #9023721 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
(Reporter)

Comment 9

6 months ago
This issue is verified fixed using Firefox 64.0b10 (BuildId:20181115150739) on Windows 10 64bit.
(Assignee)

Comment 10

6 months ago
Comment on attachment 9023721 [details]
Bug 1504691 - Read certs from local and roaming on Windows.

[ESR Uplift Approval Request]

If this is not a sec:{high,crit} bug, please state case for ESR consideration: Followup fix to bug 1474683

User impact if declined: Certs import from the wrong location on Windows

Fix Landed on Version: 64

Risk to taking this patch: Low

Why is the change risky/not risky? (and alternatives if risky): Just adds directory to existing patch

String or UUID changes made by this patch:
Attachment #9023721 - Flags: approval-mozilla-esr60?
Comment on attachment 9023721 [details]
Bug 1504691 - Read certs from local and roaming on Windows.

Fix for policy issue, verified in nightly, let's uplift for ESR.
Attachment #9023721 - Flags: approval-mozilla-esr60? → approval-mozilla-esr60+
(Assignee)

Comment 12

6 months ago
https://hg.mozilla.org/releases/mozilla-esr60/rev/6f64e970b7e97d84b36211377a4eb2f5ea112855

This was built locally on the ESR branch and tested.

Emil, can you test when landed?
(Reporter)

Comment 13

6 months ago
This is verified fixed using Firefox 60.3.1esr (provided in comment 12) on Windows 10 64bit.
You need to log in before you can comment on or make changes to this bug.